OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xspa message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Draft meeting minutes March 4, 2014

Minutes for 4 March 2014 TC meeting.
Started at: 1:07 pm EDT

**Attendance:
Mike Davis (Voting Member)
Duane DeCouteau (Voting Members)
Mohammad Jafari (Chair)
Kathleen Connor (Non-member; HL7)

Quorum reached ( 3 out of 4 (%75) of voting members)

- Meeting minutes from the 17 Jan 2014 meeting was approved with unanimous consent.
https://lists.oasis-open.org/archives/xspa/201401/msg00001.html

- Discussion of the SAML profile working draft:
https://lists.oasis-open.org/archives/xspa/201403/msg00000.html

Mohammad: The template has been updated and the document has been reorganized. The definitions have been updated and harmonized with XACML definitions.

Mohammad: I think the reference to the old "XSPA Intro" document does not include much information and I suggest we remove it. 

Mike: We need to check whether we can refer to other standards for the definitions for Access Control Service, Service Consumer, and Service Provider. Also we need to define End User.

Kathleen: HL7 HCS can be a reference for this. 

Mike moved to leave this as an open issue for further research. Unanimously approved.

Mohammad: I don't think it is accurate to assume the access control system is the provider of identity and attribute assertions. According to the SAML model, this is the IdP and the role of IdP is difference from ACS.

Kathleen: In HL7 SLS this is called "ADI provider"

Mike: Older documentation from XSPA assume that the IdP is a component within the ACS.

Mohammad: I also think it should not be bound to the Service Consumer because it may be an independent third party.

Mike moved to leave this as an open issue for further research. Unanimously approved.

Mohammad: I will also check the IHE ITI documentation.

Mohammad: How should we name the data type for the HL7 coded value?  

Duane: It makes sense to scope it under hl7. 

Mohammad: So we will use "urn:hl7-org:v3:cv"

Mohammad: Is urn:gov:hhs:fha:nhinc:service-type deprecated by the standard resource-type?

Duane: Yes.

Duane: The permission attribute should be a multi-valued attribute of type HL7 CV.

Mohammad: Since the time is up we will adjourn and continue the discussion next week. I will apply the approved changes and update the document.

Meeting adjourned at 2:09 ET. 
   

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]